Vulnerabilities > Python > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-08 | CVE-2023-6507 | Unspecified vulnerability in Python 3.12.0/3.13.0 An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. | 4.9 |
2023-10-17 | CVE-2023-45803 | urllib3 is a user-friendly HTTP client library for Python. | 4.2 |
2023-10-15 | CVE-2018-25091 | Open Redirect vulnerability in Python Urllib3 urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). | 6.1 |
2023-08-25 | CVE-2023-40217 | Unspecified vulnerability in Python An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. | 5.3 |
2023-08-22 | CVE-2022-48564 | Resource Exhaustion vulnerability in multiple products read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | 6.5 |
2023-08-22 | CVE-2022-48566 | Race Condition vulnerability in multiple products An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. | 5.9 |
2023-08-15 | CVE-2023-38898 | Unspecified vulnerability in Python 3.13.0 An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. | 5.3 |
2023-06-07 | CVE-2023-33595 | Use After Free vulnerability in Python 3.12.0 CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. | 5.5 |
2023-05-26 | CVE-2023-32681 | Requests is a HTTP library. | 6.1 |
2023-04-19 | CVE-2023-27043 | Improper Input Validation vulnerability in Python The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. | 5.3 |